package OnTheBeach::Controller::Users;
use strict;
use warnings;
use base 'Catalyst::Controller';
use Digest::SHA1 qw(sha1_hex);

=head1 NAME

OnTheBeach::Controller::Users - Catalyst Controller

=head1 DESCRIPTION

Catalyst Controller.

=head1 METHODS

=cut

=head2 index 

We should display the page the same for everyone
but allow the user that owns it to edit it
one way or another, whether it's displaying a link to edit the 
whole page
or AJAXified sections.

=cut

sub index : Path('/users') {
	my ( $self, $c, $user ) = @_;

	## let's see if this user owns this page
	if ($user) {

		if ( $c->user_exists && $c->user->username eq $user ) {
			
			$c->stash->{is_owner} = 1;
            $c->stash->{template} = "users/user.tt2";

		}
		else {

			$c->res->redirect(

				$c->uri_for( '/login',
					{ error_msg => "Login or create a profile!", next_page => "/users/$user" } )

			);
		}
			
	}

}

=head2 list
    
    Fetch all user objects and pass to users/list.tt2 in stash to be displayed
    
=cut

sub list : Local {
	my ( $self, $c ) = @_;

	$c->stash->{users}    = [ $c->model('OnTheBeachDB::User')->all ];
	$c->stash->{template} = 'users/list.tt2';

}

sub create : Local {
	my ( $self, $c ) = @_;

	# Set the TT template to use
	if ( $c->user_exists ) {

		$c->stash->{error_msg} = "You are already registered!";
		$c->res->redirect( $c->uri_for("/users") );

	}
	else {

		$c->stash->{template} = 'users/create.tt2';

	}
}

sub do_create : Local {

	my ( $self, $c ) = @_;

	# Retrieve the values from the form
	my $username  = $c->req->param('username') || 'N/A';
	my $password  = $c->req->param('passwd');
	my $password2 = $c->req->param('passwd2');
	my $email     = $c->req->param('email') || 'N/A';

        ## die unless our CAPTCHA is valid
        unless ( $c->validate_captcha( $c->req->param('captcha_text' ) ) ){
            
           $c->res->redirect( 
               $c->uri_for( 'create' , { error_msg => 'CAPTCHA image text invalid!' } )
           );
           $c->detach();

        }

	## move to FormFu
	if ( $password ne $password2 ) {

		$c->res->redirect(
			$c->uri_for(
				"/users/create", { error_msg => "Passwords must match!" }
			)
		);

	}

	my $enc_passwd = sha1_hex($password);                       ## encrypt it
	my $user       = $c->model('OnTheBeachDB::User')->create(
		{

			username => $username,
			password => $enc_passwd,
			email    => $email

		}
	) or die $!;

	# Store new model object in stash
	$c->stash->{user} = $user;

	# Set the TT template to use
	$c->stash->{template} = 'users/create_done.tt2';
}

sub delete : Local {

	# $id = primary key of book to delete
	my ( $self, $c, $id ) = @_;

	# make sure user has permission to delete users
	# if authorized, delete user, otherwise send 'em back to the main page
	$c->res->redirect(
		$c->uri_for(
			'/', { error_msg => "You don't have permission to delete users!" }
		)
	) unless $c->check_user_roles('admin');

	# Search for the user and then delete it
	$c->model('OnTheBeachDB::User')->search( { user_id => $id } )->delete_all;

	# Redirect the user back to the list page with status msg as an arg
	$c->res->redirect(

		$c->uri_for( '/users/list', { status_msg => "User deleted." } )

	);

}

sub view : Local {
	my ( $self, $c, $username ) = @_;

	$c->stash->{user} =
	  $c->model('OnTheBeachDB::User')->find( { username => $username } );

}

sub edit : Local {
	my ( $self, $c, $username ) = @_;

	if ( !$c->user_exists ) {

		$c->stash->{error_msg} = "You aren't logged in";
		return;

	}
	elsif (
		!( $username eq $c->user->username or $c->check_user_roles('admin') ) )
	{

		$c->stash->{error_msg} = "You can not edit this user's profile.";
		$c->res->redirect( $c->uri_for('/users/list/') );

	}
	else {

		$c->stash->{user} =
		  $c->model('OnTheBeachDB::User')->find( { username => $username } );
		return;

	}

}

sub moderate : Local {
	my ( $self, $c ) = @_;

	if ( $c->check_user_roles('admin') ) {

		$c->response->body( "Welcome, " . $c->user->username );

	}
	else {

		$c->res->body("Not authorized to be here!");

	}
}

sub online : Local {
	my ( $self, $c ) = @_;
	$c->response->body("Nothing yet...");
}

=head1 AUTHOR

Devin Austin 
devin@onthebeachatnight.com

=head1 LICENSE

This library is free software, you can redistribute it and/or modify
it under the same terms as Perl itself.

=cut

1;
